
I have a group of Linux web apps with VNet Integration enabled on a subnet called web-tier and an Azure server with Private Link configured on another subnet called data-tier.

I have also added NSG rules to the data-tier subnet NSG to allow inbound traffic from web-tier on TCP 1433, UDP 1434, and TCP 11000-11999.

The SQL Server has the "Redirect" connection policy with public network access disabled. I have restarted the web apps after creating the private endpoint, but the web apps are still unable to connect to SQL Server.

Can anyone please advise what I may be missing here?

Thanks

2 Answers


  1. Chosen as BEST ANSWER

    Following this documentation, I opened up ports 1433-65535 for TCP for the outbound traffic from Web-tier and the inbound traffic for data-tier. This helped me fix my problem.


  2. You’re over-complicating things. Instead of a Private Endpoint, simply use a VNet Service Endpoint. That’s just a firewall rule that allows connections to your database from your private VNet. It’s cheaper too.
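
The difference between the rules in the question and the TCP 1433-65535 range from the accepted answer can be checked mechanically. The following is an added example, not code from any poster; it uses a simplified first-match rule model, assumes every rule is already scoped to web-tier -> data-tier traffic, and assumes an explicit catch-all deny rule (`DENY_ALL`), which the thread does not mention.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int   # lower number is evaluated first, as in an NSG
    access: str     # "Allow" or "Deny"
    protocol: str   # "Tcp", "Udp" or "*"
    ports: tuple    # inclusive (low, high) destination port ranges

def allowed(rules, protocol, port):
    """First matching rule by priority decides; no match is treated as deny."""
    for r in sorted(rules, key=lambda r: r.priority):
        if r.protocol in ("*", protocol) and any(lo <= port <= hi for lo, hi in r.ports):
            return r.access == "Allow"
    return False

def blocked_ports(outbound_rules, inbound_rules, lo=1433, hi=65535):
    """Collapse the TCP ports in lo..hi that either rule set blocks into ranges."""
    gaps, start = [], None
    for port in range(lo, hi + 1):
        ok = allowed(outbound_rules, "Tcp", port) and allowed(inbound_rules, "Tcp", port)
        if not ok and start is None:
            start = port
        elif ok and start is not None:
            gaps.append((start, port - 1))
            start = None
    if start is not None:
        gaps.append((start, hi))
    return gaps

# Constructed rule sets. DENY_ALL is an assumption, not something stated in the thread.
DENY_ALL = Rule(4096, "Deny", "*", ((0, 65535),))
ANSWER_RANGE = Rule(100, "Allow", "Tcp", ((1433, 65535),))

# Inbound rules on data-tier as described in the question.
QUESTION_INBOUND = [
    Rule(100, "Allow", "Tcp", ((1433, 1433), (11000, 11999))),
    Rule(110, "Allow", "Udp", ((1434, 1434),)),
    DENY_ALL,
]
# Rules after the accepted answer's change: web-tier outbound and data-tier inbound.
WEB_OUTBOUND = [ANSWER_RANGE, DENY_ALL]
ANSWER_INBOUND = [ANSWER_RANGE, DENY_ALL]

if __name__ == "__main__":
    print("question rules block:", blocked_ports(WEB_OUTBOUND, QUESTION_INBOUND))
    print("answer rules block:  ", blocked_ports(WEB_OUTBOUND, ANSWER_INBOUND))
```
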
